From cc29364f06178f8f6b457384f2ec37a042bd9d43 Mon Sep 17 00:00:00 2001 From: tpearson Date: Wed, 1 Sep 2010 00:37:02 +0000 Subject: * Massive set of changes to bring in all fixes and enhancements from the Enterprise PIM branch * Ensured that the Trinity changes were applied on top of those enhancements, and any redundancy removed * Added journal read support to the CalDAV resource * Fixed CalDAV resource to use events URL for tasks and journals when separate URL checkbox unchecked git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdepim@1170461 283d02a7-25f6-0310-bc7c-ecb5cbfe19da --- kioslaves/sieve/sieve.cpp | 58 +++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 51 insertions(+), 7 deletions(-) (limited to 'kioslaves/sieve/sieve.cpp') diff --git a/kioslaves/sieve/sieve.cpp b/kioslaves/sieve/sieve.cpp index 9f3b547a2..bc7811662 100644 --- a/kioslaves/sieve/sieve.cpp +++ b/kioslaves/sieve/sieve.cpp @@ -39,6 +39,7 @@ extern "C" { #include #include #include +#include #include #include @@ -46,6 +47,7 @@ extern "C" { #include using std::exit; #include +#include #include @@ -193,6 +195,7 @@ kio_sieveProtocol::kio_sieveProtocol(const TQCString &pool_socket, const TQCStri , m_connMode(NORMAL) , m_supportsTLS(false) , m_shouldBeConnected(false) + , m_allowUnencrypted(false) { } @@ -274,7 +277,7 @@ bool kio_sieveProtocol::parseCapabilities(bool requestCapabilities/* = false*/) setMetaData("tlsSupported", "true"); } else { - ksDebug() << "Unrecognised key " << r.getKey() << endl; + ksDebug() << "Unrecognised key." << endl; } } @@ -288,7 +291,7 @@ bool kio_sieveProtocol::parseCapabilities(bool requestCapabilities/* = false*/) /* ---------------------------------------------------------------------------------- */ /** - * Checks if connection parameters (currently - auth method) have changed. + * Checks if connection parameters have changed. * If it it, close the current connection */ void kio_sieveProtocol::changeCheck( const KURL &url ) @@ -316,6 +319,14 @@ void kio_sieveProtocol::changeCheck( const KURL &url ) if ( isConnectionValid() ) disconnect(); } + + // For TLS, only disconnect if we are unencrypted and are + // no longer allowed (otherwise, it's still fine): + const bool allowUnencryptedNow = url.queryItem("x-allow-unencrypted") == "true" ; + if ( m_allowUnencrypted && !allowUnencryptedNow ) + if ( isConnectionValid() ) + disconnect(); + m_allowUnencrypted = allowUnencryptedNow; } /* ---------------------------------------------------------------------------------- */ @@ -349,8 +360,25 @@ bool kio_sieveProtocol::connect(bool useTLSIfAvailable) } // Attempt to start TLS + if ( !m_allowUnencrypted && !canUseTLS() ) { + error( ERR_SLAVE_DEFINED, i18n("Can not use TLS. Please enable TLS in the KDE cryptography setting.") ); + disconnect(); + return false; + } + + if ( !m_allowUnencrypted && useTLSIfAvailable && canUseTLS() && !m_supportsTLS && + messageBox( WarningContinueCancel, + i18n("TLS encryption was requested, but your Sieve server does not advertise TLS in its capabilities.\n" + "You can choose to try to initiate TLS negotiations nonetheless, or cancel the operation."), + i18n("Server Does Not Advertise TLS"), i18n("&Start TLS nonetheless"), i18n("&Cancel") ) != KMessageBox::Continue ) + { + error( ERR_USER_CANCELED, i18n("TLS encryption requested, but not supported by server.") ); + disconnect(); + return false; + } + // FIXME find a test server and test that this works - if (useTLSIfAvailable && m_supportsTLS && canUseTLS()) { + if (useTLSIfAvailable && canUseTLS()) { sendData("STARTTLS"); if (operationSuccessful()) { ksDebug() << "TLS has been accepted. Starting TLS..." << endl @@ -362,15 +390,31 @@ bool kio_sieveProtocol::connect(bool useTLSIfAvailable) parseCapabilities( requestCapabilitiesAfterStartTLS() ); } else { ksDebug() << "TLS initiation failed, code " << retval << endl; - disconnect(true); - return connect(false); - // error(ERR_INTERNAL, i18n("TLS initiation failed.")); + if ( m_allowUnencrypted ) { + disconnect(true); + return connect(false); + } + if ( retval != -3 ) + messageBox( Information, + i18n("Your Sieve server claims to support TLS, " + "but negotiation was unsuccessful."), + i18n("Connection Failed") ); + disconnect(true); + return false; } + } else if ( !m_allowUnencrypted ) { + ksDebug() << "Server incapable of TLS." << endl; + disconnect(); + error( ERR_SLAVE_DEFINED, i18n("The server does not seem to support TLS. " + "Disable TLS if you want to connect without encryption.") ); + return false; } else ksDebug() << "Server incapable of TLS. Transmitted documents will be unencrypted." << endl; } else ksDebug() << "We are incapable of TLS. Transmitted documents will be unencrypted." << endl; + assert( m_allowUnencrypted || usingTLS() ); + infoMessage(i18n("Authenticating user...")); if (!authenticate()) { disconnect(); @@ -637,7 +681,7 @@ void kio_sieveProtocol::put(const KURL& url, int /*permissions*/, bool /*overwri i18n("The script did not upload successfully.\n" "This is probably due to errors in the script.\n" "The server responded:\n%1").arg(r.getKey())); - } else + } else error(ERR_INTERNAL_SERVER, i18n("The script did not upload successfully.\n" "The script may contain errors.")); -- cgit v1.2.1